[Freedombox-discuss] Initial User Experience (was: Tor .onion domains)

Michael Blizek michi1 at michaelblizek.twilightparadox.com
Mon May 9 18:23:35 UTC 2011 

Hi!

On 19:49 Mon 09 May     , Jonas Smedegaard wrote:
...
> > - or none if the user wants to be invisible.
> 
> If the user wants to be invisible then the user will avoid [c], and 
> possibly [b] as well.
...
> > It is not having a domain which is dangerous. But having a dyndns name 
> > which links your name with your IP address is. The user may think he 
> > is at least somewhat anonymous due to a dynamic IP.
> 
> I wrote "name" (not "dns").  A relationship *must* be established 
> between the box and you(r laptop or cellphone or whatever).  I propose 
> as user expecience for that to baptize the box.

It makes a bit more sense now. However, I still do not not see what the user
would have to do, if he does not want to connect to the box from outside the
LAN. He could connect to e.g. 192.168.1.171 (as written in the handbook - he
has to do this the first time anyway). Why does the user have to enter a name
in this case?

The next question is then how should the name look? Should it resolve to an
IP? Then we have the same problem as with DNS. This name would have to be e.g.
an .onion address to be safe. But I guess this is not what you had in mind...

> I deliberately avoid the underlying technical details (tying a name to a 
> cryptography token) as I want to discuss User Experience here, not 
> technical implementation.  Think "WebID" everywhere I write "name" if 
> you really really must have a concrete example, but please stick to 
> general principles, not specific implementations, in this discussion: 
> Some followers on this list are UX designers, that are helped if such 
> discussions are uncluttered from noisy details about other aspects.

The problem with this is that the "noisy details" can make big differences...

> > I put publication things high on the risk scale, because I think users 
> > really should be aware what they are doing when they publish things. 
> > In many countries there is no free speech. Even in countries with free 
> > speech there are often tons of restrictions. Actually I do not think 
> > we should categorise publication into any "risk class" at all. I 
> > proposed using it for ressource sharing only.
> 
> Ahh, your focus is on anonymity.  Thanks.  Makes more sense now.
> 
> In my opinion humans should be aware not only when publishing things, 
> but also when having sex.  Or baptizing their FreedomBox (hence my note 
> earlier on using creditcard pin code as box name).
> 
> Our task is to help non-geeks be in control of their own digital tools. 
> But not try prevent them shooting themselves in the foot with it: 
> FreedomBox _is_ a powerful device - just as a pencil is, when cleverly 
> used.  So I disagree we should avoid offering blogging tools because 
> they are dangerous or illegal in some situations.  Ressource sharing is 
> dangerous and/or illegal too in some situations.  As are pencils.

I do *not* want FB to get it the way if a user wants to publish something. But
I also do not want it to promote things which can be dangerous without
warning - or even do them silently. This is a fine line.

> > You could ask the user questions like:
> > [ ] I want to stay in contact with friends
> > [ ] I want to publish
> > [ ] ...
> 
> Yes.  Looks quite close to what I proposed.

The difference between first asking for a name and then asking what the user
wants to do and the other way round looks pretty big to me.

	-Mich
-- 
programing a layer 3+4 network protocol for mesh networks
see http://michaelblizek.twilightparadox.com

More information about the Freedombox-discuss mailing list